Appl. No. 09/751,899 

Amdt. Dated 09/02/2005 

Reply to Office Action of 06/02/2005 

Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings, of claims in the application: 

Listing of Claims: 

1. (Original) A method comprising: 

authenticating a user of a platform during a Basic Input/Output System (BIOS) boot 
process; 

releasing a first keying material from a token communicatively coupled to the platform in 
response to authenticating the user; 

combining the first keying material with a second keying material internally stored within 
the platform in order to produce a combination key; and 

using the combination key to decrypt a second BIOS area to recover a second segment of 
BIOS code. 

2. (Original) The method of claim 1 further comprising: 
continuing the BIOS boot process. 

3. (Currently Amended) The method of claim 1, wherein prior to authenticating the 
user, the method comprises: 

loading a BIOS code including a first BIOS area and a second BIOS area, the first BIOS 
area being an encrypted a first segment of the BIOS code encrypted with a keying material stored 
within an internal memory of a trusted platform module of the platform and the second BIOS 
area being an encrypted a second segment of the BIOS code encrypted with the combination key. 

4. (Original) The method of claim 3, wherein after loading of the BIOS code, the 
method further comprises: 

decrypting the first BIOS area to recover the first segment of the BIOS code. 
5. (Currently Amended) The method of claim 3, wherein the first segment of the 
BIOS is encrypted with the keying material and static information pertaining to the platform, 
further comprising: 

unbinding keying material associated with a non-volatile storage device to access 
contents stored within the non-volatile storage device. 

6. (Original) The method of claim 1 wherein the combination key is a value formed 
by performing an exclusive OR operation on both the first keying material and the second keying 
material. 

7. (Original) The method of claim 1, wherein authentication of the user is 
performed through biometrics. 

8. (Original) The method of claim 1, wherein the second keying material is stored 
within internal memory of a trusted platform module. 

9. (Original) The method of claim 1, wherein the second keying material is stored 
within a section of access-controlled system memory of the platform. 

10. (Original) The method of claim 1, wherein prior to authenticating the user, the 
method comprises: 

loading a BIOS code including a first BIOS area being a first segment of the BIOS code 
encrypted using a selected keying material; and 

loading an integrity metric including a hash value of an identification information of the 
platform. 

11. (Original) The method of claim 1, wherein the identification information includes 
a serial number of an integrated circuit device employed within the platform. 

12. (Currently Amended) An integrated circuit device comprising: 
a boot block memory unit; and 
a trusted platform module communicatively coupled to the boot block memory unit and 
including an interface adapted to provide a communication path to the boot block memory unit, a 
processor and an internal memory, the trusted platform module to produce a combination key 
internally within the trusted platform module by combining a first incoming keying material with 
a second keying material internally stored within the integrated circuit and to decrypt a second 
BIOS area using the combination key to recover a second segment of BIOS code. 

13. (Original) The integrated circuit device of claim 12, wherein the boot block 
memory unit to load a BIOS code including a first BIOS area and a second BIOS area, the first 
BIOS area being an encrypted first segment of the BIOS code and the second BIOS area being 
an encrypted second segment of the BIOS code. 

14. (Original) The integrated circuit device of claim 13, wherein the trusted platform 
module to decrypt the first BIOS area to recover a first segment of the BIOS code. 

15. (Currently Amended) A platform comprising: 
an input/output control hub (ICH); 

a non-volatile memory unit coupled to the ICH, the non-volatile memory unit including a 
BIOS code including a first BIOS area and a second BIOS area, the first BIOS area being an 
encrypted first segment of the BIOS code and the second BIOS area being an encrypted second 
segment of the BIOS code; and 

a trusted platform module coupled to the ICH, the trusted platform module to produce a 
combination key by combining a first incoming keying material released after authentication of a 
user of the platform with a second keying material internally stored within the platform and to 
decrypt the second BIOS area using the combination key to recover the second segment of BIOS 
code. 

16. (Original) The platform of claim 15, wherein the trusted platform module to 
further decrypt the first BIOS area to recover the first segment of the BIOS code in a non-
encrypted format. 
17. (Original) The platform of claim 15 further comprising a hard disk drive coupled 
to the ICH. 

18. (Original) The platform of claim 17, wherein the trusted platform module to 
further unbind keying material associated with the hard disk drive to access contents stored 
within the hard disk drive. 

19. (Currently Amended) A program loaded into readable memory for execution by a 
trusted platform module of a platform, the program comprising: 

code to decrypt a first Basic Input/Output System (BIOS) area to recover a first segment 
of BIOS code; 

code to produce a combination key by combining a first incoming keying material 
released after authentication of a user of the platform with a second keying material internally 
stored within the trusted platform module; and 

code to decrypt a second BIOS area using the combination key to recover a second 
segment of the BIOS code. 

20. (Original) The program of claim 19, wherein the first BIOS area is the first 
segment of the BIOS code encrypted with a keying material and the second BIOS area is the 
second segment of the BIOS code encrypted with the combination key. 

21. (Original) The program of claim 19 further comprising: 

code to unbind keying material associated with a non-volatile storage device for 
accessing contents stored within the non-volatile storage device. 

22. (New) The method of claim 5, wherein the static information is a serial number 
or a hash value of the serial number associated with hardware within the platform. 

23. (New) The integrated circuit device of claim 12 being implemented within a 
platform and coupled to an input/output control hub in communication with a processor of the 
platform. 
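The following simulation is added here to illustrate the two-stage decryption recited in claims 1, 3 through 6 and 22; it is not part of the application or of any implementation by the applicant. The keying materials, the serial number and the HMAC-based stream cipher are constructed stand-ins for whatever the platform would actually use.

```python
import hashlib
import hmac
from typing import Optional

# Constructed stand-ins for the claimed keying materials; not real platform values.
TPM_KEY = hashlib.sha256(b"constructed tpm-internal keying material").digest()
TOKEN_KEY = hashlib.sha256(b"constructed token keying material").digest()
PLATFORM_SERIAL = b"SN-CONSTRUCTED-0001"  # claim 22: hardware serial number


def keystream_xor(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC-SHA256 counter keystream); illustration only."""
    out = bytearray()
    for n in range((len(data) + 31) // 32):
        ks = hmac.new(key, n.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(a ^ b for a, b in zip(data[n * 32:(n + 1) * 32], ks))
    return bytes(out)


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt and append a tag so a wrong key is detected, not executed as garbage."""
    ct = keystream_xor(key, plaintext)
    return ct + hmac.new(key, b"tag" + ct, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> Optional[bytes]:
    ct, tag = blob[:-32], blob[-32:]
    expected = hmac.new(key, b"tag" + ct, hashlib.sha256).digest()
    return keystream_xor(key, ct) if hmac.compare_digest(tag, expected) else None


def first_area_key(tpm_key: bytes, serial: bytes) -> bytes:
    """Claims 5 and 22: keying material bound to static platform information."""
    return hashlib.sha256(tpm_key + hashlib.sha256(serial).digest()).digest()


def combination_key(token_key: bytes, tpm_key: bytes) -> bytes:
    """Claim 6: XOR of the token's keying material and the TPM-internal one.
    Holding this result plus either input reveals the other, hence claim 12 forms it inside the TPM."""
    return bytes(a ^ b for a, b in zip(token_key, tpm_key))


def build_bios_image(segment1: bytes, segment2: bytes):
    """Provisioning (claim 3): area 1 under the platform-bound key, area 2 under the combination key."""
    return (seal(first_area_key(TPM_KEY, PLATFORM_SERIAL), segment1),
            seal(combination_key(TOKEN_KEY, TPM_KEY), segment2))


def boot(first_area: bytes, second_area: bytes, token_key: Optional[bytes]):
    """Boot (claims 1 and 4): area 1 needs no user; area 2 opens only after the token releases its key."""
    seg1 = unseal(first_area_key(TPM_KEY, PLATFORM_SERIAL), first_area)
    if token_key is None:  # user not authenticated: the token releases nothing
        return seg1, None
    return seg1, unseal(combination_key(token_key, TPM_KEY), second_area)
```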